41 matches found
WP Mega Menu < 1.4.1 - Subscriber+ Arbitrary Post Access
The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked as AJAX actions and available to any authenticated users. As a result, low privilege authenticated users such as subscribers can call them and access...
Exploit for Allocation of Resources Without Limits or Throttling in Th-Wildau Covid-19_Contact_Tracing
Introduction The application is used for tracking people acco...
Cross site request forgery (csrf)
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
Remote Code Execution (RCE)
nancy is vulnerable to remote code execution RCE. ObjectSerializer does not properly validate JSON data when handling CSRF cookies, allowing an attacker to inject a malicious JSON object through a CSRF Cookie...
Event Banner <= 1.3 - Arbitrary File Upload to RCE
The plugin does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or others executable, leading to RCE. Due to the lack of CSRF check, the issue can also be used via such vector to achieve the same result, or via a LFI as authorisation chec...
CVE-2019-19375
In Octopus Deploy before 2019.10.7, in a configuration where SSL offloading is enabled, the CSRF cookie was sometimes sent without the secure attribute. The fix for this was backported to LTS versions 2019.6.14 and 2019.9.8...
CVE-2019-19375
In Octopus Deploy before 2019.10.7, in a configuration where SSL offloading is enabled, the CSRF cookie was sometimes sent without the secure attribute. The fix for this was backported to LTS versions 2019.6.14 and 2019.9.8...
CVE-2019-19375
Octopus Deploy before 2019.10.7 could send the CSRF cookie without the secure attribute in configurations with SSL offloading. Root cause is the CSRF cookie not being marked secure under those conditions. The issue was addressed by backporting the fix to LTS branches 2019.6.14 and 2019.9.8, and t...
CVE-2019-19375
In Octopus Deploy before 2019.10.7, in a configuration where SSL offloading is enabled, the CSRF cookie was sometimes sent without the secure attribute. The fix for this was backported to LTS versions 2019.6.14 and 2019.9.8...
Octopus Deploy has an unspecified vulnerability (CNVD-2019-46262)
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy versions prior to 2019.10.7 that stems from a CSRF cookie sometimes missing the secure attribute when SSL offloadin...
Atlassian JIRA < 8.4.0 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to prior to 8.4.0. It is, therefore, affected by multiple vulnerabilities: - An authorization bypass vulnerability exists in the /rest/issueNav/1/issueTable resource as well as t...
LimeSurvey < 3.17.14 Multiple Vulnerabilities
LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site request forgery (csrf)
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script...
PDF Signer 3.0 - SSTI to RCE via CSRF Cookie Vulnerability
Exploit for php platform in category web applications Exploit Title: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie Exploit Author: dd email protected Vendor Homepage: https://codecanyon.net/user/simcycreative Software Link:...
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution via Cross-Site Request Forgery Cookie Exploit Title: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie Dork: N/A Date: 2019-01-28 Exploit Author: dd [email protected] Vendor Homepage:...
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
Exploit Title: LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Link : http://pokkho.com/lango/auth/login Software : LANGO - Codeigniter Multilingual Script Version : 1.0...
CVE-2017-9785
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie...
Deserialization of untrusted data
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie...
CVE-2017-9785
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie...
CVE-2017-9785
CVE-2017-9785 affects NancyFX Nancy (Csrf.cs) prior to 1.4.4 and 2.x prior to 2.0-dangermouse. It enables Remote Code Execution through deserialization of JSON data in a CSRF cookie. Root cause: unsafe deserialization in cookie handling. Impact: RCE with network access; high severity. Remediation...